Fortigate published a patch for CVE-2023-27997, a Remote Code Execution vulnerability reachable pre-authentication, on every SSL VPN appliance.

  • computerboss@sh.itjust.works
    link
    fedilink
    arrow-up
    1
    ·
    2 years ago

    I bought a fortunate 60e a few months ago to play around with. After setting up some vlans, subnets, and firewall rules I am considering just selling it. Without a license you don’t even get security updates. So at this point opnsense might be my next firewall to learn on. I was just trying to my hands on what is actually being used by companies.

    It would be cool to see companies start offering homelab licenses for people to play around with and get experience before buying into a whole ecosystem.

    • borari@sh.itjust.worksOP
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      2 years ago

      It would be cool to see companies start offering homelab licenses for people to play around with and get experience before buying into a whole ecosystem.

      Like you said, I think companies should be prohibited from locking security updated behind a license paywall. Features are one thing, and while I would also like free homelab licenses, I understand why companies don’t offer them, especially for products like enterprise firewalls, routers, and switches. A company shouldn’t require you to pay more money to secure something they shipped with a vulnerability. Honestly this kind of shit should take precedence over the squabbling about USB-C, App Store monopolies, or whatever other flavor of the month issue the EU or the US is lambasting tech companies for.